Is Apple's iCloud Keychain Secure to Use in 2024?


Apple iCloud Keychain’s fast facts

Pricing: Free for all Apple users
Key features:

  • Passkeys.
  • Two-factor authentication.
  • AES-256-GCM encryption.
  • Password breach monitor.

If you have an Apple device or are using an iPhone like I do, you may wonder if Apple’s iCloud Keychain is safe enough to be your password manager.

While iCloud Keychain allows you to autofill information — such as your Safari and app usernames, passwords and passkeys, credit card information and security codes, and Wi-Fi passwords — on your Apple devices, the big question remains: Is the tool secure enough in today’s cyberthreat environment?

In this article, I reviewed the Apple iCloud Keychain to help you decide if it’s the right fit for your password security needs.

What is Apple iCloud Keychain?

Apple iCloud Keychain is a password management system integrated into Apple devices. It stores and synchronizes passwords and credit card information across your iPhone, iPad, and Mac, making it easy to access your online accounts without remembering complex credentials. iCloud Keychain also generates strong, unique passwords for new accounts and offers features like password autofill and password sharing.

How secure is the iCloud Keychain?

iCloud Keychain is secure enough for basic online protection. To determine its level of security, let’s explore some of its key security features.

Two-factor authentication

If you’re an Apple device user, you might have noticed a second verification code anytime you sign in to a new device or browser with your Apple ID. iCloud Keychain’s 2FA adds an extra layer of security to protect your sensitive information. It requires your Apple ID password and a verification code sent to a trusted device or phone number to access or make changes to your iCloud Keychain data.

AES-256-GCM encryption

Apple protects iCloud Keychain data with a two-tier encryption system, both tiers using AES-256-GCM. Metadata is encrypted with a key that is cached for faster searches, while sensitive information is protected by a secret key that always requires Secure Enclave interaction. Keychain items are stored in a SQLite database, and access is strictly controlled by the security daemon, ensuring only authorized apps can access your data.
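The two-tier scheme described above can be modelled in a few lines. This is an added example, not Apple's code and not part of the original article: the "enclave" is an ordinary object standing in for hardware, a single secret key is used for all items, and the function names, the `server` field and the use of the row id as GCM associated data are assumptions made for illustration.

```javascript
// Added illustration: toy model of two-tier AES-256-GCM item protection.
// Not Apple's code; the "enclave" is a plain object standing in for hardware.
const { randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

function seal(key, plaintext, aad) {
  const iv = randomBytes(12); // fresh 96-bit nonce for every encryption
  const c = createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function unseal(key, box, aad) {
  const d = createDecipheriv('aes-256-gcm', key, box.iv);
  d.setAAD(aad);
  d.setAuthTag(box.tag);
  return Buffer.concat([d.update(box.ct), d.final()]); // final() throws on a bad tag
}

// Hypothetical enclave stand-in: the secret key never leaves this closure.
function makeEnclave() {
  const secretKey = randomBytes(32);
  let trips = 0;
  return {
    sealSecret(pt, aad) { trips++; return seal(secretKey, pt, aad); },
    openSecret(box, aad) { trips++; return unseal(secretKey, box, aad); },
    roundTrips: () => trips,
  };
}

function makeStore(enclave) {
  const metadataKey = randomBytes(32); // cached outside the enclave for fast search
  const rows = [];
  return {
    add(meta, secret) {
      const id = Buffer.from(String(rows.length)); // row id bound in as AAD (assumption)
      rows.push({
        id,
        meta: seal(metadataKey, Buffer.from(JSON.stringify(meta)), id),
        secret: enclave.sealSecret(Buffer.from(secret), id),
      });
    },
    // Search decrypts metadata only, so it needs no enclave round trip.
    find(server) {
      return rows.filter((r) => JSON.parse(unseal(metadataKey, r.meta, r.id)).server === server);
    },
    reveal: (row) => enclave.openSecret(row.secret, row.id).toString(),
  };
}
```

Searching touches only the cached metadata key, while every `reveal` goes through the enclave object; flipping a single ciphertext bit makes decryption throw because the GCM tag no longer verifies.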

Passkey

You can create passkeys to replace the passwords you use to sign in to supported apps and websites on your Apple device. The passkeys are encrypted and stored in your iCloud Keychain, where they aren’t visible to anyone, not even Apple.

Security recommendations

Another important security feature in iCloud Keychain is the ‘detect leaked passwords’ option. When you toggle this on, the password manager helps you monitor your passwords and alerts you when they seem compromised. This feature also suggests which passwords you must change, the site affected, and why.

A screenshot of Apple password manager asking me to change my password on X and other recommendations. Image: Franklin Okeke

What are the downsides of an iCloud Keychain?

The iCloud Keychain is very decent. For many people, it appears to be all they will need. While good, it’s not as full-featured or mature as dedicated password managers. During use, I noticed that the iCloud Passwords and Keychain don’t perform these functions on my iPhone:

Difficult to share passwords

Sharing passwords stored in iCloud Keychain is limited to Apple devices within your trusted group. This means you must add people to your trusted group before sharing passwords, requiring them to have iCloud Keychain enabled. If you need to share passwords with individuals outside Apple’s ecosystem, you’ll have to resort to less secure methods like text messages or email, which I consider risky.

A screenshot of Apple iCloud Keychain showing available password sharing options on Mac. Image: Franklin Okeke

Not open source

Apple iCloud Keychain is closed source, meaning researchers cannot independently verify how it works and stores data. Dedicated password managers like NordPass, Keeper, and 1Password have all been verified by independent auditors. Another issue here is that when problems like bugs or security issues arise in the Keychain, only Apple can find and fix them, and most often it is not as fast as an open-source environment where anybody can audit and repair the code.

Won’t work on non-Apple devices

The Apple Keychain is known to work only on Apple devices and, more recently, on newer versions of Windows. If you have Android or use Linux, you may not be able to sync your iCloud Keychain data to your device. This may leave you running a separate password management solution for your non-Apple devices, a hassle not everybody wants.

Lacks flexibility

iCloud Keychain only lets you store passwords, passkeys, and credit cards and monitor your passwords for any leaks. Other functions, like attaching files to items and specifying password criteria, are not available with the iCloud Keychain. This lack of flexibility can get constrictive when you have something that needs secure storage yet does not fit neatly into Apple’s structure.

Should I use Keychain on my iPhone?

If you exclusively use an iPhone alongside other Apple products and do not work in an environment where you may need to share passwords with individuals using different devices, then using iCloud Keychain could be ideal. It’s secure and convenient. But if you often use a variety of devices and browsers, you’re going to want a dedicated password manager instead.

How to turn on iCloud Keychain on iPhone

Setting up the iCloud Keychain on your iPhone is very easy. Follow this simple step to complete the process:

Go to Settings > Tap your name > Choose iCloud > Tap iCloud Passwords and Keychain > Turn On the iCloud Keychain.

Note that you may be asked for your Apple ID password or passcode in this process. iCloud Keychain may also require you to create an iCloud Security Code. This is to help you add extra devices to your account or verify your identity when performing some iCloud Keychain actions.

What happens if I delete the iCloud Keychain?

You can delete the iCloud Keychain data from your Apple devices if you wish to. From my experience, when I tried to sign out of iCloud while the Keychain was enabled on my iPhone, I was prompted to keep or delete my passwords, passkeys, and credit card information.

When I kept the information, the details were retained on my device but didn’t update or sync when signed in with another device.

I noticed that when I opted to delete the information before signing out, the Keychain data was still retained in the iCloud servers but permanently deleted from my device. The data was synced to my device again when I re-enabled the iCloud Keychain.

One important thing to keep in mind is that disabling iCloud Keychain or signing out of iCloud on your device means you’ll lose access to shared password groups. But other group members you added before signing out will still have access to the passwords and passkeys you’ve shared.

iCloud Keychain alternatives to consider

If you prefer to try other password managers, here are the top Apple iCloud Keychain alternatives that I tested in the course of this review.

| Features | Apple iCloud Keychain | NordPass | 1Password | Keeper |
|---|---|---|---|---|
| Biometric login | Yes | Yes | Yes | Yes |
| Passkeys | Yes | Yes | Yes | Yes |
| Maximum devices | 10 devices | Unlimited | Unlimited | Unlimited |
| Free version | Free for all Apple device owners | Yes | Yes, 14-day free trial | Yes |
| VPN service | No | Yes | No | No |
| Supported operating systems | All native Apple operating systems, plus Windows | Windows, macOS, Linux, iOS, and Android | macOS, iOS, Windows, Android, and Linux | Chrome OS, iOS, Windows, Android, macOS, and Linux |
| Password auditing | No | Yes | Yes | Yes |
| Starting price | Free for all Apple device users | $1.59 per month | $2.99 per month | $2.92 per month |

NordPass: Best password manager alternative to iCloud Keychain

NordPass offers many security solutions that are not readily available on the iCloud Keychain. I like the password manager due to its simplified user interface that allows you to save information with just a click. You can easily generate passwords, share passwords with co-workers, and find out if your data has been breached. NordPass has a VPN service and uses XChaCha20 instead of the AES-256 encryption standard the iCloud Keychain employs. Though not as popular, XChaCha20 encryption doesn’t always require hardware support for efficient performance, unlike AES-256.

I like that NordPass works across different operating systems and platforms, including macOS, iOS, Android, Windows, and Linux. iCloud Keychain only works with Apple devices, Safari browser, and Windows. Another reason I choose NordPass as my best alternative to iCloud Keychain is that the password manager offers a free version that includes all necessary features, such as unlimited password storage and cross-device sync. The paid version starts at $1.59 per month if you desire to have more advanced protection.

1Password: Best alternative to iCloud Keychain for password sharing

While the 1Password free trial only lasts for 14 days, it’s still a cool alternative to Apple Keychain for password sharing. 1Password combines biometric options like fingerprint and Face ID with Watchtower and 2FA to comprehensively provide users with the security solutions they need.

1Password’s unique features, like the Password Secure Sharing Tool (Psst), allow you to securely share passwords with people without compromising your safety. In contrast, iCloud Keychain allows you to only share passwords with people you added to your Family group, and this is sometimes not too secure because you might be giving people more access to your information than they need.

1Password’s premium plan starts at $2.99 per month and offers decent password management features like login autofill and sharing, a password generator, and Watchtower for breach monitoring, and you can use it on all your devices.

Keeper: Best alternative to iCloud Keychain for enterprise password management

Keeper is a good password manager with an easy-to-use interface. The solution prevents data breaches with zero-trust enterprise password management. Keeper’s dark web monitoring service, BreachWatch, constantly scans the dark web and notifies you if it finds credentials that match the ones stored in your Keeper Vault.

The thing I like about Keeper is that it can show real-time data on your security risks with organization-wide visibility, control, event logging, and reporting. Keeper has also undergone an independent security audit, so you can be certain that the security of users’ data is guaranteed.

On the other hand, iCloud Keychain does not offer you real visibility into your password management system. And since iCloud Keychain is a closed-source solution, it has not undergone a security audit either. Also bear in mind that Keeper offers more features and security than iCloud Keychain for a relatively affordable price, starting at just $2.92 per month.

Is a dedicated password manager worth having in 2024?

iCloud Keychain is a built-in password manager in all Apple devices, including Macs, iPhones, iPads, and MacBooks. The solution is safe and has a combination of biometric verification, 2FA, and AES-256 encryption in its security suite.

However, today’s online threat landscape requires more than just basic security. Dedicated password managers like NordPass, Keeper, and 1Password with comprehensive password management features are the way to go in 2024. These password managers can work on non-Apple devices, have dark web monitoring, secure password-sharing options, and connect to unlimited devices.

One thing I can say is that your choice of a dedicated password manager should be subject to your password management needs. For large enterprises, a dedicated password manager offers more comprehensive features and security. However, if you only need basic password protection for your Apple devices, iCloud Keychain can still be a reliable option.

FAQs

Is Apple’s iCloud Keychain linked to Apple ID?

Yes, Apple’s iCloud Keychain is linked to your Apple ID. This allows it to store and sync passwords and other sensitive information across your Apple devices.

Is it safe to store passwords on an iPhone?

The iPhone iCloud Keychain can safely store your passwords, but there are better password storage managers with more security and organization than the iCloud Keychain, especially when storing sensitive information.


